Total
95142 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-62904 | 2025-10-27 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ben Huson WP Geo wp-geo allows Stored XSS.This issue affects WP Geo: from n/a through <= 3.5.1. | |||||
| CVE-2025-62941 | 2025-10-27 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dFactory Events Maker by dFactory events-maker allows Stored XSS.This issue affects Events Maker by dFactory: from n/a through <= 1.6.14. | |||||
| CVE-2025-62932 | 2025-10-27 | N/A | N/A | ||
| Missing Authorization vulnerability in wprio Table Block by RioVizual riovizual allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Table Block by RioVizual: from n/a through <= 2.3.2. | |||||
| CVE-2025-62929 | 2025-10-27 | N/A | N/A | ||
| Missing Authorization vulnerability in PickPlugins Testimonial Slider testimonial allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Testimonial Slider: from n/a through <= 2.0.15. | |||||
| CVE-2025-62957 | 2025-10-27 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in NikanWP NikanWP WooCommerce Reporting wc-reports-lite allows Stored XSS.This issue affects NikanWP WooCommerce Reporting: from n/a through <= 1.0.0. | |||||
| CVE-2025-9341 | 2025-10-24 | N/A | N/A | ||
| Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files org/bouncycastle/crypto/fips/AESNativeCBC.Java, org/bouncycastle/crypto/engines/AESNativeCBC.Java. This issue affects Bouncy Castle for Java FIPS: 2.1.0; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7. | |||||
| CVE-2023-7101 | 2025-10-24 | N/A | 7.8 HIGH | ||
| Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic. | |||||
| CVE-2025-9339 | 2025-10-24 | N/A | N/A | ||
| SQL injection vulnerability in the fields of warehouse document filtering form in SIMPLE.ERP software allows logged-in user a malicious query injection. Potential exploitation is limited by the 20-character limit in form fields. Identified use case allows to delete tables with a name of maximum 6 characters. We weren't able to identify a way to exfiltrate data within query character limit. This issue affects SIMPLE.ERP in versions before 6.30@a04.3. | |||||
| CVE-2022-4262 | 2025-10-24 | N/A | 8.8 HIGH | ||
| Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-27997 | 1 Fortinet | 4 Fortigate 6000, Fortigate 7000, Fortios and 1 more | 2025-10-24 | N/A | 9.8 CRITICAL |
| A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests. | |||||
| CVE-2025-39898 | 2025-10-24 | N/A | N/A | ||
| Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | |||||
| CVE-2025-62835 | 2025-10-24 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-62834 | 2025-10-24 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-62833 | 2025-10-24 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-62832 | 2025-10-24 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-62831 | 2025-10-24 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-62830 | 2025-10-24 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-62829 | 2025-10-24 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-62828 | 2025-10-24 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-62827 | 2025-10-24 | N/A | N/A | ||
| Rejected reason: Not used | |||||